Apple Adds 'BlastDoor' To Secure iOS From Zero-Click Attacks (securityweek.com)
wiredmikey shares a report from SecurityWeek.com: Apple has quietly added several anti-exploit mitigations into iOS in what appears to be a specific response to zero-click iMessage attacks observed in the wild. The new mitigations were discovered by Samuel Groß, a Google Project Zero security researcher, [with the first big addition being] a new, tightly sandboxed "BlastDoor" service that is now responsible for the parsing of untrusted data in iMessages.
With iOS 14, Groß discovered that Apple shipped a significant refactoring of iMessage processing, and made all four parts of an attack much harder to succeed. Apple added logic into iOS 14 to specifically detect [shared cache region] attacks and new techniques to limit an attacker's ability to retry exploits or brute force Address Space Layout Randomization (ASLR). "Overall, these changes are probably very close to the best that could've been done given the need for backwards compatibility, and they should have a significant impact on the security of iMessage and the platform as a whole," the Google researcher added.
Re: (Score:2)
All software has bugs. I don't think either Google or Apple makes more perfect software than the other. I do know that Apple does not have the same advertising motive that Google does, Apple has less reason to capture and catalog my data.
Re:Security (Score:5, Insightful)
I think that you are missing the point...
The iPhone is more secure because of the tight control that Apple has over security updates. Within a week or so, the vast majority of active iPhones will have this update (I upgraded to iOS 14.4 on all my devices already).
But just because Apple has this tight control (walled garden) does not make iPhone or its software more or less bug-free than a Samsung or LG running Android. All software has bugs... some of those bugs can lead to security exploits and system vulnerabilities.
Apple is not necessarily more responsive or faster at addressing these flaws than Google (they certainly are faster than Samsung and LG)... but when they are addressed, the rollout is more comprehensive, which makes the entire ecosystem a lot more secure because attack vectors that might exploit unpatched devices in the Android world find it much harder to find these kinds of gaps in the iOS ecosystem.
Re: (Score:3)
Depends on how one defines "secure". Android uses Linux users and groups, as well as SELinux to keep apps from getting out of their areas. Android also uses both loopback mounted filesystems and encrypting /data with dm-crypt for its data at rest protection. With Android, you can have a boot PIN or password separate from your screen one, to ensure that a brute force attack is infeasible, especially with newer phones with TPMs that will cut things off and drop their stored keys after 30 or so attempts.
iOS
Re: (Score:2)
All software has bugs...
That is wrong.
Re: (Score:3)
Buy a midrange Android phone. How many OS updates will you receive? Meanwhile iPhone 6 devices are still getting updates.
backward compatibility? (Score:2)
F that. Just put a limit on the character set and don't automatically parse anything other than substituting emojis. Is that fricking hard?
Stupid is as Stupid Does (Score:2)
If they knew the difference between CODE and DATA then there would have been no problem whatsoever. Clearly they have been following along in the Microsoft tradition of EXECUTING DATA -- a course of action which has always, without fail, led to disastrous consequences.
Yet another example of the little kiddies being hoisted by their own petards.
What about iOS v12? (Score:3)
Did iOS v12.5.1 fix it?
Moot point if vendors don't patch older devices? (Score:2)
My Nexus6 hasn't seen an official OS update in years. It still does everything I need it to do.